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ABSTRACT 



A decoder conditional access system incorporates different 
encryption systems for providing access to programs derived 
from different sources. A conditional access processor for 
processing encrypted program data and an associated 
encryption code includes a first algorithm means for 
decrypting the encryption code to provide an encryption key. 
The conditional access processor also includes a second 
algorithm means for encrypting the encryption key and the 
second encryption algorithm is different to the first encryp- 
tion algorithm. A datastream representing the program is 
generated from encrypted program data and an associated 
encryption code. The encryption code is decrypted to pro- 
vide an encryption key using a first algorithm. The encryp- 
tion key is encrypted using a second algorithm different to 
the first encryption algorithm and the program datastream is 
formed firom the encrypted program data and the encrypted 
encryption key. The program datastream is decrypted by 
selecting between a first and a second decryption algorithm 
and by decrypting the encryption code to provide an encryp- 
tion key. The encryption key is used to decrypt the encrypted 
program. A storage medium data format for recording 
encrypted program data is also disclosed. 

25 Claims, 4 Drawing Sheets 
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FIGURE 2 
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PERFORM INITIALIZATION PROCEDURE: 

1) PRE-LOAD PID FILTERS WITH PID=0. 1 

2) STORE PS! INFORMATION FOR l/P STREAM: 

I) STORE PAT WITH PID = 0 ' 

II) STORE CAT WITH PID = 1 
ill) STORE PMT WITH PID = P1 
IV) STORE NIT WITH PID = P2 
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INPUT DATA (SP) IDENTIFYING THE PROGRAMS THE USER 
SELECTED FOR STORAGE 

INPUT DATA (SM) IDENTIFYING THE MEDIA USER SELECTED 
FOR STORAGE 

INPUT DATA (SE) IDENTIFYING WHETHER ENCRYPTED OR 
DECRYPTED VERSION OF PROGRAMS IS TO BE STORED 
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1) SET PID FILTERS FOR PROGRAM STORAGE AND DECODE 

2) DERIVE BROADCAST ENCRYPTION KEYS AND LOAD IN 
ENCRYPTION KEY TABLE 

3) PRE-LOAD SUBSTITUTION BUFFER WITH NULL DATA 
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FOR THE SELECTED PROGRAMS AND 
STORAGE MEDIA: 

1 ) FORM PLAYBACK ENCRYPTION 
CODE FOR STORAGE 

2) FORM CPSI TO INCLUDE THE 
PLAYBACK AND TO EXCLUDE THE 
BROADCAST ENCRYPTION CODES 



FOR THE SELECTED PROGRAMS AND 
STORAGE MEDIA, FORM CPSI FROM 
THE PSI EXCLUDING ENCRYPTION 
CODES FROM THE CPSI 




1) FORMAT THE CPSI INTO SECTIONS 

2) ADD HEADER DATA AND PACKETIZE THE CPSI FOR 
INSERTION IN A TRANSPORT DATASTREAM 
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FIGURE 3 




INSERT CPSI IN THE DATASTREAM IN 
SELECTED PSI DATA LOCATIONS AND 
OUTPUT DATASTREAM FOR STORAGE 
OR FURTHER PROCESSING 
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BILL USER VIA CONDITIONAL ACCESS 
SYSTEM FOR PROGRAM ACCESS OR 
PROGRAM STORAGE 
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END 
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SUBSTITUTE BROADCAST ENCRYPTION CODE IN 
DATASTREAM WITH NULL DATA IN REAL TIME; INSERT 
CPSI IN THE DATASTREAM IN SELECTED PSI DATA 
LOCATIONS; AND OUTPUT DATASTREAM FOR STORAGE 
OR FURTHER PROCESSING 
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BILL USER VIA CONDITIONAL ACCESS 
SYSTEM FOR PROGRAM ACCESS OR 
PROGRAM STORAGE 
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FIGURE 4 
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SELECT PROGRAM TO BE PLAYED BACK (SR) 
SELECT STORAGE DEVICE AND MEDIUM (SM) 
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SYNCHRONIZE STORAGE DEVICE FOR PROGRAM PLAYBACK 
COMMAND STORAGE DEVICE TO PROVIDE AN MPEG 
COMPATIBLE DATASTREAM FOR PLAYBACK 
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1. SELECT PLAYBACK PATH 

2. APPLY PLAYBACK KEY GENERATION ALGORITHM TO GENERATE 
ENCRYPTION KEY FROM STORED ENCRYPTION CODE 

. LOAD PID, DESTINATION AND ENCRYPTION KEY LOOK-UP TABLES 
WITH PLAYBACK ENCRYPTION KEYS FOR PLAYBACK 
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TRANSPORT DECODE PLAYED BACK DATASTREAM, APPLY 
CPSI DATA UPON CHANGE OF CPSI VERSION NUMBER AND 
OUTPUT RESULTANT STREAM TO APPLICATION DECODERS 
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BILL USER VIA CONDITIONAL ACCESS 
SYSTEM FOR PROGRAM PLAYBACK 
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DEX:ODING SYSTEM AND DATA FORMAT rity involves changing encryption algorithms and encryption 

FOR PROCESSING AND STOIUNG keys on a periodic or other basis. Such a change in algorithm 

ENCRYPTED BROADCAST, CABLE OR is typically initiated by a service provider in order to 

SATELLITE VIDEO DATA safeguard encryption system security and prevent code- 

nM ^ breaking and unauthorized program access. The inventors 

FIELD OF THE INVENTION jj^^^ ^^^^^y recognized that the use of an encryption system 

This invention is related to the field of digital signal involving changing encryption algorithms and encryption 

processing, and more particularly to the conditional access keys poses a problem for storage of programs in encrypted 

processing, decoding, and formatting of encrypted packet form. Specifically, a program stored in encrypted form along 

data for storage by a consumer receiver of broadcast, satel- 10 with an associated broadcast encryption key may not be able 

lite or cable video material, for example. to be decrypted once encryption algorithms have been 

BACKGROUND OF THE INVE^mON "P^*'"?: ^ °^ f^^on algorithm is not compatible with 

an earlier stored encryption key. Consequently, a stored 

In video processing and storage applications, digital video encrypted program cannot be decrypted and is unusable 

data is typically encoded to conform to the requirements of 15 once algorithms have been changed, 

a known standard. One such widely adopted standard is the ^^^^^ overcome this problem, another algorithm is 

MPEG2 (Moving Pictures Expert Group) unage encoding advantageously incorporated in a decoder conditional access 

standard, hereinafter referred to as the "MPEG standard". gy^tem. The conditional access system operates differenUy 

The MPEG standard is comprised of a system encoding in providing access to programs derived from a "live" source 

section (ISO/IEC 13818-1. Jun. 10th 1994) and a video 20 e.g. a contemporaneous broadcast, than for programs 

encoding section (ISO/IEC 13818-2. Jan. 20th 1995). here- j^^ived from a local storage source e.g. a storage medium. 

r.n^J/'^?'"'' ^""J^J^ ^y^f^f^""^^'^" f d A conditional access processor for processing encrypted 

"MPEG video standard respective y. Video data encoded to ^ encryption code includes a first algo- 

the MPEG standard IS in the form of a padceUzed datastream ^^^^ decrypting the encryption code to provide 

which typically includes the data con ent of many program 25 encryption key. The conditional access proces^r also 

channels (analogous to channels 1-125 m cable TV. for ^^^^^^^ ^ ^^^^ .^^^^ ^^^^^ encrypting the 

example). The data content of premium program channels , j^^^ ^ey and the second encryption algorithm is 

such as HBO™. Cmemax™ and Showtme™. for example, ^^^^^^^ ^ encryption algorithm. 

IS usually protected from unauthonzed access by methods , , . ..^ 

such as encryption and scrambling. TTjcsc methods may be 30 " °^ wvention, a method for generatmg a 

used alone, repetitively, or in combination to provide a P™g"^ representaUve datastream from encrypted program 

plurality of levels of protection. an associated encryption code involves decrypUng 

, , , , the encryption code to provide an encryption key using a 

In a decoder, access to the premium channelsjs typically g^, algorithm. Hie encryption key is encrypted using a 

governed by a conditional access system which manages ^^^^ g^, encryption algorithm, 

user biUmg and controls program descrambhng and decryp- 35 datastream is formed from the encrypted 

tion based on user entitlement. The conditional access ^ A^Tl^^AiU^^^ ^ r^*: 

, , . . . , . program data and the encrypted encryption key. 

system may determine whether access is authorized ma , . u^r^ 

variety of ways. For example, authorization may be deter- , ^^^^^^^ '^"^ mvention, a method for decodmg 

mined within the decoder from user entitlement information ? ^ P^^g^^ representauve datastream mvolves selecting 

pre-programmed on a so-called "smart card". Alternatively, 40 ^'^^^^^ * ^i! ^ second algorithm for decrypting the 

authorization may be determined at a remote location and <^ncryption code. The encrypUon code is decrypted to pro- 

implemented within the decoder using user entitlement vide an encrypUon key usmg the selected algorithm, and the 

information that is transmitted from the remote location, as P^°g^^ ^^^P^^ ^"^g encryption key. 

in a cable television pay-per-view service. The entitlement ^ further feature of the mvention. a storage medwm 

information typically includes codes used to generate 45 <*ata format is disclosed for recording program data 

descrambling and decryption keys that are used for program encrypted using a first encryption algorithm and an encryp- 

descrambling and decryption. However, the entitlement tion code. The encryption code is obtained by encrypting an 

information may instead include the keys themselves. encryption key using a second encryption algorithm diflfer- 

Thc processing of encrypted and non-encrypted program f"*™ ^'^^ encryption algorithm, 

data and the management of associated encryption and 50 BRIEF DESCRIPTION OF THE DRAWINGS 

scrambling codes for storage, billing and other applications In the drawing: 

presents a number of problems. One problem is presented by FIG. 1 shows a video receiver system, according to the 
the need to maintain encryption code security when a invention, for adaptive ly generating a program representa- 
program is stored by a consumer in either encrypted or tive datastream in user selectable, encrypted or non- 
no n-encryptcd form for viewing at a later time. Further 55 encrypted form. 

problems are involved in providing a system that permits FIGS. 2 and 3 show a process flowchart for providing a 

billing on the storage or playback of a program and that program representative datastream suitable for storage on a 

permits copy protected processing of encrypted and non- selectable storage medium and for executing the associated 

encrypted program data. user billing. 

These problems are addressed by a system according to FIG. 4 shows a flowciiart for a process for recovering 

the present invention. Hereinafter the term "encryption" selected encrypted or non-encrypted programs from a 

encompasses scrambling functions to the extent that the selected storage device and for billing a user upon program 

functions are used to prevent unauthorized use. recovery. 

SUMMARY OF THE INVENTION ^3 DETAILED DESCRIPTION OF THE DRAWINGS 

In decoder systems that process programs in encrypted FIG. 1 shows a video receiver system, according to the 

form, one technique used to maintain encryption code secu- invention, for adaptively generating a program representa- 
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live daiastream, in user selectable, encrypted or non- 
encrypted form. Althciigh the disclosed system is described 
in the context of an MPEG compatible system for receiving 
MPEG encoded transport streams representing broadcast 
programs, it is exemplary only. The principles of the inven- 
tion may also be applied to other types of system including 
non-MPEG compatible systems, involving other types of 
encoded datastreams. Further, although the disclosed system 
is described as processing broadcast programs, this is exem- 
plary only. The term * program' is used to represent any form 
of packetized data such as telephone messages, computer 
programs, Internet data or other communications, for 
example. 

In overview, in the video receiver system of FIG. 1, a 
carrier modulated with video data is received by anteima 10 
and processed by unit 15, The resultant digital output signal 
is demodulated by demodulator 20 and decoded by decoder 
30. The output from decoder 30 is processed by transport 
system 25 which is responsive to commands from remote 
control unit 125. System 25 provides compressed data 
outputs for storage, ftirther decoding, or communication to 
other devices. System 25 incorporates a conditional access 
system for managing user billing and for controlling pro- 
gram descrambling and decryption based on user entitle- 
ment. A video receiver user selects the program he wishes to 
view, the programs he wishes to store, the type of storage 
media used and whether the programs are to be stored in 
encrypted or non -encrypted form by on-screen menu selec- 
tion using remote control unit 125. System 25 also provides 
a mechanism for permitting real lime or non-real time 
removal of encryption codes from a non-encrypted program 
datastream. 

Video and audio decoders 85 and 80 respectively, decode 
the compressed data from system 25 to provide outputs for 
display. Data port 75 provides an interface for conmiunica- 
tion of the compressed data from system 25 to other devices 
such as a computer or High Definition Television (HDTV) 
receiver, for example. Storage device 90 stores the com- 
pressed data from system 25 on storage medium 105. Device 
90, in a playback mode, also supports retrieval of the 
compressed data from storage medium 105 for processing 
by system 25 for decoding, communication to other devices 
or storage on a different storage medium (not shown to 
simplify drawing). The conditional access system within 
system 25 supports the decryption and billing for program 
storage, playback, or fiirther processing including commu- 
nication to other devices. The conditional access system of 
system 25 employs a different decryption and billing mecha- 
nism for processing program data received from a broadcast 
source than from data played back from a local storage 
source. 

Considering FIG. 1 in detail, a carrier modulated with 
video data received by antenna 10, is converted to digital 
form and processed by input processor 15. Processor 15 
includes radio frequency (RF) tuner and intermediate fre- 
quency (IF) mixer and amplification stages for down- 
converting the input video signal to a lower frequency band 
suitable for further processing. The resultant digital output 
signal is demodulated by demodulator 20 and decoded by 
decoder 30. The output from decoder 30 is further processed 
by transport system 25. 

Multiplexer (mux) 37 of service detector 33 is provided, 
via selector 35, with either the output from decoder 30, or 
the decoder 30 output further processed by NRSS (National 
Renewable Standards Committee) descrambling unit 40. 
Selector 35 detects the presence of an insertable, NRSS 
compatible, descrambling card and provides the output of 
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unit 40 10 mux 37 only if the card is currently inserted in the 
video receiver unit (the NRSS removable conditional access 
system is defined in EIA Draft Document IS-679, Project 
PN-3639). Otherwise selector 35 provides the output from 

5 decoder 30 to mux 37. The presence of the insertable card 
permits unit 40 to descramble additional premium program 
channels, for example, and provide additional program 
services to a viewer. It should be noted that NRSS unit 40 
and smart card unit 130 (smart card imit 130 is discussed 

JO later) share the same system 25 interface such thai only 
either an NRSS card or a smart card may be inserted at any 
one time. Alternatively, the interfaces may be separate to 
allow series or parallel operation. 
The data provided to mux 37 from selector 35 is in the 

15 form of an MPEG compliant packetized transport datas- 
tream as defined in MPEG systems standard section 2.4 and 
includes the data content of one or more program channels. 
The individual packets that comprise particular program 
channels are identified by Packet Identifiers (PIDs), The 

20 transport stream contains ancillary data supporting transmis- 
sion and decoding of transport encoded data. The ancillary 
data includes Program Specific Information (I^I) for use in 
identifying the PIDs and assembling individual data packets 
to recover the content of all the program channels that 

25 comprise the packetized datastream. A video receiver user 
selects the program he wishes to view, the programs he 
wishes to store, the media to be used for storage and whether 
the programs are to be stored in encrypted or non-encrypted 
form by on-screen menu selection using remote control unit 

30 125. System controller 115 uses the selection information, 
provided via interface 120, to configure system 25 to select 
the programs for storage and display and to generate PSI 
suitable for the selected storage device and media. Control- 
ler 115 configures system 25 elements 45, 47, 50, 55, 65 and 

35 95 by setting control register values within these elements 
via a data bus and by selecting signal paths via muxes 37 and 
110 with control signal C, Controller 115 is also program- 
mable to permit real time and non-real time removal of 
encryption codes from a non-encrypted program datastream 

40 that is to be stored or otherwise processed. This feature 
enhances encryption security by preventing the export of 
encryption keys beyond system 25 thereby limiting avail- 
ability to third parties. 
In response to control signal C, mux 37 selects either the 

45 transport stream from unh 35, or in a playback mode, a 
datastream retrieved from storage device 90 via store inter- 
face 95. In normal, non-playback operation, the data packets 
comprising the program that the user selected to view are 
identified by their PIDs by selection unit 45. If an encryption 

50 indicator in ihe header data of the selected program packets 
indicates the packets are encrypted, unit 45 provides the 
packets to decryption unit 50. Otherwise unit 45 provides 
non-encrypted packets to transport decoder 55, Similarly, 
the data packets comprising the programs that the user 

55 selected for storage are identified by their PIDs by selection 
unit 47. Unit 47 provides encrypted packets to decryption 
unit 50 or non-encrypted packets to mux 110 based on the 
packet header encryption indicator information. 
Units 45 and 47 employ PID detection filters that match 

60 the PIDs of incoming packets provided by mux 37 with PID 
values pre-loaded in control registers within units 45 and 47 
by controller 115. The pre-loaded PIDs are used in units 47 
and 45 to identify the data packets that are to be stored and 
the data packets that are to be decoded for use in providing 

65 a video image. The pre-loaded PIDs are stored in look-up 
tables in units 45 and 47. The PID look-up tables are 
memory mapped to encryption key tables in imits 45 and 47 
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thai associate encryption keys with each pre-loaded PID. implemented by a service provider on a regular basis or as 

The memory mapped PH) and encryption key look-up tables frequently as desired in order to safeguard encryption sys- 

pcrmit units 45 and 47 to match encrypted packets contain- tern security and prevent code-breaking and unauthorized 

ing a pre-loaded PID with associated encryption keys that program access. 

permit their decryptioit Non-encrypted packets do not have 5 ^^^^ recognized that the use of such an 

assoc.al«I encrjrpl.on keys. Units 45 and 47 prov.de boUi , involving changing encryption keys 

idenlified packets and their associated encryption keys to -"^ l/c. % • . ^ e 

decryptor 50. The PID look-up table in mdt 45 is also P-J'^^'^ ^^''^'^ of programs in encrypted form 

memory mapped to a destination table that matches packeU Specifically a program stored m encrjyted form along with 

containing pre-loaded PlDs with corresponding destination ,„ " fsociated broadest encryption code may not be able to 

buffer locations in packet buffer 60. The encryption keys and decrypted onoe the anan «rd has been changed and the 

destination buffer location addresses associated with the ^""^ algonthms have been updated. This is because 

programs selected by a user for viewing or storage are ^ algorithm on the smart card is not compatible with 

pre-loaded into units 45 and 47 along with the assigned PIDs en^t">° code associated with an earlier version smart 

bv controller 115 ' Consequently, the new smart card algorithm is unable 

_ .. ', ... -o,- , ''to derive the required broadcast encryption key from the 

The encryption keys are generated by ISO 7816-3 com- . , j tu- ,u . .u . j .j 

... . ' , ttn. c .-J stored encryption code. This means that the stored encrypted 

phant smart card system 130 from encryption codes p^g^an it be decrypted and is unusable once a system 

extracted from the mput datastieam. TTie generauon of the . 
encryption keys is subject to customer entitlement deter- 

mined from coded information pre-stored on the insertable ^° °^^®'* ^^^rcome this problem, a third and different 

smart card itself (International Standards Organization docu- algorithm, the playback algorithm, is advantageously incor- 

ment ISO 7816-3 of 1989 defines the interface and signal porated on the smart card. The third algorithm function, 

structures for a smart card system). Customer entitlement playback algorithm, is used in specific operations 

information may be periodically changed by updating the ^^^^ "^^^^ system 25 for encrypting broadcast encryption 

coded information on the insertable smart card via com- „ ^^y^ ^ foraa playback encryption codes m storage and 

mands in the input datastream. playback modes of system 25. 

The insertable. ISO 7816-3 compliant smart card advan- Once encrypted by the playback algorithm, the playback 

tageously contains three algorithm functions. Two of the encryption codes may be securely stored, along with 

algorithm functions, termed the broadcast encryption encrypted program content, on a storage medium. Upon 

algorithms, arc assigned to generate encryption keys from 30 playback of the encrypted program, the playback algorithm 

broadcast encryption codes extracted from the input datas- function decrypts the stored encryption codes to derive the 

tream in non-playback modes of system 25. A broadcast original broadcast encryption keys to enable decryption of 

encryption algorithm generates encryption keys by decrypt- the encrypted program content. The derived broadcast 

ing broadcast encryption codes within smart card 130 itself. encryption keys are used by unit 50 to decrypt encrypted 

The third algorithm function is applied in system 25 for 35 program content packets as described later. The playback 

encrypting and decrypting the derived broadcast encryption algorithm is not changed as frequently as the two broadcast 

keys in storage and playback modes of system 25. The algorithms and may be left unchanged in successive versions 

playback algorithm encrypts and decrypts the broadcast of smart card. This enables the stored encrypted program to 

encryption keys within the insertable smart card itself. be decrypted and used despite changes in smart cards and 

However, in other systems, the playback algorithm function 40 ^'roadcast encryption algorithms. 

may reside elsewhere, such as in a decoder, for example. The packets provided by units 45 and 47 to unit 50 arc 

The three encryption algorithms used in smart card 130 encrypted according to the Data Encryption Standard (DES). 

may be any one of a variety of types and the playback Decryption unit 50 of system 25 of HG. 1 employs the DES 

algorithm need not be the same type as the broadcast algorithm function in decrypting these encrypted packets. In 

algorithm. For exemplary purposes, the broadcast and play- 45 other implementations of system 25 unit 50 may altema- 

back algorithms are deemed to be Data Encryption Standard tively use other algorithm functions such as the previously 

(DES) algorithm functions as defined in Federal Information mentioned RSA ftmctioo. Unit 50 applies known techniques 

Standards (FI PS) Publications 46, 74 and 81 provided by the to decrypt the encrypted packets using corresponding 

National Technical Information Service, Department of encryption keys provided by smart card 130 via units 45 and 

Commerce. However, these algorithm functions may alter- 50 47. The decrypted padcets from unit 50 and the non- 

natively be another type such as Rivest-Shamir-Adlemann encrypted packets from tmit 45 that comprise the program 

(RSA) type functions. for display are provided to decoder 55. The decrypted 

Each of the two broadcast encryption algorithms that are packets from unit 50 and the non-encrypted packets from 

resident on the smart card may be activated by control u°it 47 that comprise the program for storage are provided 

information in the input datastream. Tvo broadcast encryp- 55 lo mux 110. 

tion algorithms are contained within the smart card in order Unit 60 contains packet buffers accessible by controller 

to permit a service provider to make a simultaneous change 115. One of the buffers is assigned to hold data destined for 

in broadcast encryption algorithm for all customers. A use by controller 115 and three other buffers are assigned to 

service provider makes a change in broadcast encryption hold packets that are destined for use by application devices 

algorithm by issuing a new smart card with a new algorithm 60 75, 80 and 85. A further buffer, the substitution buffer 

to all customers safely in advance of the date the new discussed later, is used to hold data for substituting for 

algorithm is to be employed. On the change date, the service encryption code data. Access to the packets stored in the 

provider simultaneously: commands the smart card to buffers within unit 60 by both controller 115 and by appli- 

cbange to the new algorithm by updating the control infor- cation interface 70 is controlled by buffer control unit 65. 

mation in the broadcast datastream; encrypts programs with 65 Unit 45 provides a destination flag to unit 65 for each packet 

the new algorithm; and inserts updated encryption codes in identified by unit 45 for decoding. The flags indicate the 

the broadcast datastream. A change in algorithm may be individual unit 60 destination locations for the identified 
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packets and are stored by control unit 65 in an internal a playback eacryptioo code for storage on medium 105, and 

memory table. Control unit 65 determines a series of read to remove the original broadcast encryption codes from the 

and write pointers associated with packets stored in buffer 60 program datastrcam to be stored. The packet identification 

based on the Fiisi -In-First-Out (FIFO) principle. The write and direction process of FIGS. 2 and 3 is governed by 
pointers in conjunction with the destination flags permit 5 controller 115. control unit 65, and the PID. destination and 

sequential storage of an identified packet from units 45 or 50 encryption key look-up tables of units 45 and 47 in the 

in the next empty location within the appropriate destination manner previously described. 

buffer in unit 60. The read pointers permit sequential reading ^PSI (Condensed Program Specific Information) 

of packets from the appropriate unit 60 destination buffers contains information related to the particular program to be 
by controUer 115 and appUcation interface 70. 10 ^^^^^^ whereas the PSI contains information related to all 

^ , , , -jj. the programs in the datastream input to system 25. 

TTie non-*DCTypted and decrypted packets provided by coniquenUy, the CPSI takes up less storage capacity and 

units 45 and 50 to decoder 55 oontam a transport header as ^^^^^^ .^/p^j ^^^^ ^ 

defined by section 2.4.3.2 of the MPEG systems standard. . „„. . „ j ,,„;„, ,u. noci ,„ , 

■ e L Lj L.u nxed overbead constraint, the CPal may Ije repeated m a 

Decoder 55 determines from the trai^port header whether ^^^^^^^ „„„ frequently than the PSI and so may be 

the non-encprpted and deoyptedpadcets oontam an adap- 15 ^^.^^ ^ ^ ^^^^ ^ ^ 

lalion field (per the MPEG systems standard). The adapta- roeram content 

lion field contains timing information including, for ^ ^ __, ,* , . . * j j 

example. Program Clock References (PCRs) that permit , 7^«= P^l as defined in MPEG sj^tems standard section 

synchronization and decoding of content packets. Upon 2.4.4 comprises four non-enco^pted elements or tables of 
J . f • • f ™ « 70 miormation. These are the Program Association Table 

detection of a timing information packet, i.e., a packet n. t ui /nt^n^ 4U kj ^ i i f 

i ' ' A i i- a A aI cc^-„«,1c (PAT), the Program Map Table (PMT), the Network Infor- 

containing an adaptation field, decoder 55 signals controller ^ i^xm^ j r> a-!- i a ui 

iie »u ♦ Tu !«4 u^^ u.. , o„c*-™ mation Table (NIT) and the Conditional Access Table 

115 that the packet has been received, by settmg a system /^at^ n u . Vi • f j r a , i . «u ♦ 

interrupt wiUiin an interrupt mechanism. In addition. (CAT). Each table is formed fnarn data Packets hat are 

decoder 55 changes the timing packet destination flag in unit "^f"^"* .P»"^"J" Tie PMT defines the PID 
65 and provides the packet to unit 60. By changing the unit 25 labels that identify the mdmdual packetized datastreams 

65 destkiation flag, unit 65 diverts the timing information constitute a program. TTiese individual sUemis are 

packet provided by decoder 55 to the unit 60 buffer location elementary streams in the MPEG standard. Elemen- 

• j.Lijj.r L ♦iiiic ijf* tary streams include datastreams such as video, audio tor 

assigned to bold data for use by controller 115, mstc ad of to ^ , , j . ^ n^^^ 

° r ^. . fc 1 various languages and caption datastreams. The PAl asso- 

an apphcaUon buffer locaUon. . ^ ^ u m. mr* *u 4 -* -a 

, . 30 ciates a program number with the PIDs that permit identi- 

Upon receivmg the system interrupt set by decoder 55, ^^^^^ assembly of the packets comprising the PMT 

controller 115 reads the tuning mfonnation and PCR value opUonal and may be structured and used to define 

and stores it in internal memory. PCR values of successive ^^^^-^^ ^^^^^ parameters such as satelUte transmission 

timing information packets are used by controller 115 to ^^^^^^^ frequencies and transponder channels, for example, 

adjust the system 25 master clock (27 MHz). The difference ^AT contains the conditional access information such 

between PCR based and master clock based estunates of the encryption codes that govern access to programs that are 

time interval between the receipt of successive tmiing dependent upon user entitlement. 

packets, generated by controller U5, is used to adjust the ^OS of FIG. 2, controUer 115 (FIG. 1) performs an 

system 25 m^ter clock (not shown to sunplify drawing). -^^^^^^^^^ ^cedure at system power-up following the 

Controller 115 achieves this by applymg the derived lime ^tan at step 200. In step 205, controller 115 loads the unit 45 

estmiate difference to adjust the input contro voltage of a ^ ^^^^^^^ ^^^^^ j^p^^ ^^^^ pj^ 

voltage conlroUed oscillator used to generate ttie inaster (^^ p^ ^^^^^ ^j^^ ^^^^ ^ 

clock. ControlerllSresetsthesystemmterruptafterstormg ^^^^ respectively). In addition, controUer 115 

the liming mformation m internal memory. pre-assigns the PAT and CAT packets to the controUer buffer 

Packets received by decoder 55 from units 45 and 50 that ^.y updating the unit 45 destinatk)n table. The PAT 
contain program content including audio, video, caption, and CAT packets detected by unit 45 are steered via decoder 
and other information, are directed by unit 65 from decoder 55 ^ ^hg conU-oUer buffer in unit 60 under control of unit 65. 
55 to the designated application device buffers in packet ^^^^ 205, control unit 65 signals controller 115 via a PSI 
buffer 60. Application control unit 70 sequentially retrieves interrupt that PSI packets are present in unit 60. Controller 
the audio, video, caption and other data from the designated receipt of the PSI interrupt, repetitively accesses 
buffers in buffer 60 and provides the data to corresponding t^e packets stored in iu designated unit 60 buffer and stores 
application devices 75, 80 and 85. The application devices complete CAT and PAT data in internal memory. Con- 
comprise audio and video decoders 80 and 85 and high j^oUer 115 repeats this process to store complete PMT and 
speed data port 75. Data port 75 may be used to provide high ^ ^^^^ ^ internal memory after determining the PIDs that 
speed data such as computer programs, for example to a identify the PMT and NIT packets from the PAT. Controller 
computer. Alternatively port 75 may be used to output data continuously accesses buffer 60 and captures PSI pack- 
to an HDTV decoder, for example. internal memory upon receipt of PSI interrupts whUe 

Packets that contain PSI information are recognized by the receiver is powered on. As a result, controUer 115 

unit 45 as destined for the controUer 115 buffer in unit 60. capmres in its internal memory the PAT, PMT, NIT and CAT 

Tlic PSI packets are directed to this buffer by unit 65 via data thai comprises the full PSI of the transport datastream 

units 45, 50 and 55 in a similar manner to that described for input to system 25. 

packets containing program content. ControUer 115 reads Iq step 210 of FIG. 2, user generated data (SP, SM, SE) 

the PSI from unit 60 and stores it in internal memory, identifying the programs a user wishes to store, as well as 

CbntroUer 115 employs the process of FIGS. 2 and 3 to those programs that are to be stored in encrypted form, and 
generate a program datastream suitable for storage on 65 the media and device to be used for storage, is input to 

medium 105 and to biU a user for Uie storage. ControUer 115 controUer 115 (FIG. 1). A user may select encrypted storage 

also employs the process of FIGS. 2 and 3 both to generate in preference to non-encrypted storage for a variety of 
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reasons. For example, a service provider may make it 
cheaper to store in encrypted form as a way of limiting the 
number of subsequent copies a user may make. A service 
provider may be achieve this by controlling access to the 
encrypted program via pre-stored smart card entitlement 5 
information. The selection data input to controller 115 is 
entered by a user through on-screen menu selection with 
remote control unit 125 via interface 120. In step 215, in 
response to the input selection data (SP), controller 115 
derives the PIDs for the selected programs for storage firom 
the stored PSI. The unit 47 detection filters arc loaded with 
the PIDs of the programs to be stored by controller 115. This 
enables unit 47 to identify the packets comprising the 
programs selected for storage. In step 215, controller 115 
also pre-loads the unit 60 substitution buflfer with null data. 
The null data is to be substituted for broadcast encryption 
codes occurring in programs broadcast in encrypted foran 
that are selected for storage. 

In step 215 of FIG. 2, unit 47 (FIG. 1) provides non- 
encrypted packets to mux 110 and provides encrypted pack- 
ets (identiJQed by an encryption indicator in the packet 20 
header data) along with associated broadcast encryption 
keys to decryption unit 50. The broadcast encryption keys 
are provided to unit 47 by controller 115 in step 215 of FIG. 
2, following their generation by smart card 130 (FIG. 1) by 
decryption of encryption codes obtained from the CAT for 25 
the selected programs (SP) in the manner previously 
described. However, if selection data SE requests encrypted 
storage, unit 47 passes the encrypted packets to be stored to 
mux 110. Consequently, in step 215 of FIG. 2, the packets 
comprising the programs to be stored (SP) are provided to 30 
mux 110 either in encr>pted or decrypted form in response 
to selection data SE. 

In steps 217-227, controller 115 forms condensed pro- 
gram specific information (CPSI) for the programs selected 
for storage (SP) from the full program specific information 35 
(PSI) captured from the transport datastream input to system 
25. If the SE data requests encrypted storage, controller 115 
performs step 227 following decision step 217. In step 227, 
controller 115 applies the playback algorithm function in 
smart card system 130 to encrypt the broadcast encryption 40 
key previously generated (by decryption of a broadcast 
encryption code) in step 215 to form a playback encryption 
code for the program to be stored. The CPSI is formed to 
include the playback encryption code but to exclude the 
broadcast encryption code originally present in the PSI of 45 
the transport datastream input to system 25. Consequently, 
the datastream formed for the program destined for storage 
excludes its associated broadcast encryption code. This 
prevents the compromise in encryption key security that 
occurs when encryption keys are stored on removable stor- 50 
age media accessible by third parties. Once keys are acces- 
sible on a storage media, their security is dependent on the 
sophistication of available reverse engineering and code- 
breaking techniques. In this system, multiple levels of 
security are provided by not storing the broadcast encryption 55 
codes from which the broadcast encryption keys are derived 
and by storing the broadcast encryption keys in encrypted 
form. Further, even if the keys were deduced for the stored 
program, it would not provide access to current broadcast 
programs for which the broadcast encryption algorithm is 60 
regularly changed. 

If the SE input data does not request encrypted storage, 
controller 115 performs step 225 following decision step 
217. In step 225, controller 115 forms the CPSI of the 
program destined for storage from the PSI of the transport 65 
datastream input to system 25 and excludes encryption 
codes from the CPSI. 
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The described encryption system is exemplary only. Alter- 
native encryption mechanisms may convey the broadcast 
and playback encryption codes in datastream information 
areas other than the PSI. Other encryption mechanisms may 
also require the generation and insertion of the encryption 
codes at different interv^als than is involved in the generation 
of the PSI. If broadcast encryption codes are not conveyed 
in PSI, substitution of other data for the these codes may be 
necessary to exclude them from the datastream formed for 
the program to be stored. Provision for substitution of nuJl 
data for the broadcast encryption codes at intervals other 
±an those at which the CPSI occurs is discussed later. 
Specifically, substitution of broadcast encryption codes in 
real-time i.e. at packet frequency when the codes are con- 
veyed in packet headers, for example, is discussed in con- 
nection with steps 237-249. 

In step 230, controller 115 forms the CPSI data into 
sections in accordance with the MPEG syntax (paragraphs 
2.4.4.3-2.4.4.11 of the MPEG systems standard). Controller 
115. in step 230, also adds header data to the CPSI data 
sections to format and packet ize the CPSI data for insertion 
into the datastream to be stored. Controller 115 creates the 
headers in accordance with sections 2.4.3.2 and 2.4.3.3 of 
the MPEG systems standard from the PSI header data stored 
in the controller 115 internal memory. However, CPSI 
section data is different in length relative to corresponding 
PSI section data. Therefore, new header parameters includ- 
ing the 'continuity count' indicator and *payload unit start 
indicator* are created by controller 115 aiKi inserted in the 
respective indicator fields within the header data. The new 
continuity cotmt indicator created by controller 115 reflects, 
for example, the number of packets per PID for the CPSI 
elements instead of the different number of packets per PID 
of the corresponding PSI elements. The new payload unit 
start indicator created by controller 115 identifies, for 
example, the first byte of the CPSI section instead of the first 
byte of the corresponding PSI section. 

Following step 230, the flowchart of FIG. 2 continues 
with step 237 of FIG. 3. Controller 115 determines, in step 
237, whether broadcast encryption codes are conveyed in 
datastream fields other than the CPSI. Specifically, control- 
ler 115 determines whether broadcast encryption codes are 
conveyed in MPEG compatible adaptation fields of packet 
headers (per MPEG systems standard syntax section 
2.4.3.4). If so, controller 115 performs step 249 to create a 
composite datastream that comprises CPSI packets and 
program content packets with null data substituted for the 
broadcast encryption codes in the packet headers. The 
encryption code substitution is performed on a packet by 
packet basis at packet frequency. 

In step 249, the substitution packet data pre-loaded during 
step 215 (FIG. 2) into the substitution buffer in unit 60 is 
provided from unit 60 to mux HO (FIG. 1) under control of 
controller 115. In addition, in step 249, the CPSI in the form 
of packetized MPEG compatible section data formed in step 
230 is provided by controller 115 to mux 110 (FIG. 1). 
Program content packet datastreams from unit 47 or unit 50 
as previously discussed in connection with step 215, are also 
provided to mux 110. In step 249, controller 115 multiplexes 
between the program content datastream, the CPSI 
datastream, and the substitution data input to mux 110 using 
path select signal C to create a composite datastream that is 
output by mux 110 to storage interface 95. The composite 
datastream comprises program content packets and CPSI 
packets with null data substituted for the broadcast encryp- 
tion codes in the packet headers. 

Controller 115 synchronizes insertion of the CPSI packets 
and null data into the program datastream to be stored, in 



05/11/2004, EAST Version: 1.4.1 



6,016,348 

11 12 

response to a PSl iniemipt signal and a substitution liming If controller 115 determines, in step 237, that no broadcast 

signal from control unit 65 (FIG. 1). The PSI interrupt encryption codes arc conveyed in MPEG compadble adap- 

indicatcs the presence of PSI packets in buffer 60 as dis- tation fields of packet headers, controller US performs steps 

cussed in conocction with step 205. The substitution timing 240-245. These steps mirror steps 249-258 except that 

signal synchronizes insertion of null data with the occur- 5 because there are no broadcast encryption codes present in 

rence of the broadcast encryption codes in packet headers. In the dalaslreams input to mux 110 representing the program 

this manner, the packetized sections of the CPSI are inserted to be stored, there is no need for insertion of null data, 

into PSI locations to replace the corresponding sections of Otherwise, controller 115 performs step 240 to create the 

the PSI and the broadcast encryption codes are removed. CPSI stream for storage via store interface 95 and performs 

The non-encrypted CPSI data is insertablc in either the step 244 to bill the user for storage in similar fashion to that 

encrypted or non<acrypted program content datastreams described in connection with steps 249 and 254. This branch 

that are input to mux 110 in order to create either encrypted of the process of FIGS. 2-3 terminates at step 245. However, 

or non-encrypted programs for storage. it should be noted that the CPSI stream may alternatively be 

It should be noted that the broadcast encryption code provided to other applications in steps 240 and 249 such as 

substitution performed in step 249 may also be applied to display or communication via interface 70 instead of storage 

codes conveyed in datastream fields other than the MPEG via interface 95. 

packet header adaptation fields. Further, the encryption The CPSI stream from mux 110 is buffered by interface 95 

codes may be replaced at intervals other than those at which ^ variation in the data. The resultant 

the adaptation fields occur. For example, nuU data may be buffered data is processed by storage device 90 to be suitable 

substituted for encryption codes occumng in a variety of ^ ^^.^ ^^^5 ControUer 115 initiates and 

MPEG and ^^^'^PEG c^^P^^^^^^^ 20 ^ ^ ^^^^^ ^^^.^ 1) by 

mcluding: auxiliary packets within the proprietary Digital . « mn « rt««ri,r,i;,«H rcunc 

SatelUte System (DSS-); Packetized Elementary Stream command via VO port 100 usmg a standardized CEBus 

(PES) fiel^ (per MPEG systems standard syntax sections control protocol (e.g. Horne Automation Standard (CEBus), 

2.5.3 7-2.5.4^; Digital Storage Media Control Commands EIA/IS-60, December 1989). Storage device 90 is a linear 

(DSMCC) fields (per MPEG systems standard syntax 25 ^^^^^S^ medium DVHS™ type device and medium 105 is a 

Appendix A); and non-MPEG packets formatted according linear sequential access type medium such as video tape, for 

to other data transmission protocols such as the standardized example. Storage device 90 encodes the buffered datastream 

CEBus control protocol (Home Automation Standard from interface 95 using known error encoding techniques 

(CEBus), ELVIS-60, December 1989). such as channel coding, interleaving and Reed Solomon 

If the encryption codes are conveyed in packets in which 30 encoding to produce an encoded datastream suitable for 

thecodesthemselvcsaretheonlydataitemsofconsequenoe, storage. Unit 90 stores the resultant encoded datastream 

the code carrying packets may be omitted entirely from the incorporatmg the CPSI on tape medium 105. 

output datastream. This may be accomplished by discarding Although described as a DVHS*™ device that stores data 

the packets via PID selection units 45 and 47 (FIG. 1) or by on a linear type storage medium in the exemplary embodi- 

omitting the packets during the multiplexing operation per- 35 mcnt of FIG. 1, storage unit 90 may be any type of storage 

formed in step 249. However, data rate and data structure unit. For example, unit 90 may be a solid state or nonlinear 

sensitive parameters within the output datastream syntax type device for storing data in RAM or on a nonhnear 

may need to be updated to reflect the data rate change medium. A nonlinear type medium is a medium that accom- 

occurring as a result of such packet data omission. modates non-sequential access such as a disc medium 

In step 249, store interface 95 (FIG. 1) receives the 40 including CDROM or DVD. for example. If unit 90 and 

programs to be stored in the form of the packetized datas- medium 105 are nonhnear or^hd state type storage 

tream (hereinafter termed the CPS! stream) incorporating systems, umt 90 separates the CPSI data from the CPSI 

the CPSI and nuU data from mux 110. In step 254 (FIG. 3), stream and stores the CPSI data in a designated directory 

following step 249, the conditional access system within section of the medium. This advantageously avoids repeated 

system 25 biUs the User for the program storage (or com- 45 storage of the CPSI and reduces the required storage capac- 

munication to other devices). The User is billed by storing ity. Alternatively, unit 90 may store the CPSI stream as 

billing information within the insertable smart card itself. formed and mpul to umt 90. mcorporaUng one or more 

The storage of the billing information is initiated by the repetitions of the CPSI data. 

application of the playback algorithm but billing need not be Further, system 25 of HG. 1 may incorporate a phirality 

contemporaneous with application of the algorithm. The 50 of storage/retrieval paths that support the operation of a 

billing information indicates that the User has stored an plurality of storage devices of various types mcluding Imear, 

encrypted broadcast program. This biUing information is nonlinear and solid state types. The single storage/retrieval 

later accessed via telephone Unk by the service provider and path shown in FIG. 1 comprises units 47, 90, 95, 105 and 

used to bUl the User via a conventional bilUng process. HO, as described. By replicating these elements to create 

Other billing mechanisms are equally possible. For example, 55 parallel storage functions, system 25 is readUy extended to 

credits may be deducted from a pre-stored credit sum within incorporate a phiraUty of storage paths. The storage path and 

a smart card. Further, the smart card may vary billing programs destined for a particular storage device are 

amount based on the type of storage requested e.g. there may selected by user generated data (SP, SM) input to controller 

be one fee for storage permitting only a single copy or 115 via interface 120 following on-screen menu selection 

playback of the stored program and another fee for storage 60 with remote control unit 125, as previously described, 

permitting unlimited copying or playback of the program. System 25 of FIG. 1 recovers programs from storage 

The type of storage requested is encoded within designated device 90 and medium 105 in a playback mode using the 

copy protection data in the CPSI stream itself or in packet process of FIG. 4. The recovered datasUeams are processed 

data external to the CPSI stream. The process of FIGS. 2-3 by system 25 and provided to application devices 75, 80 and 

used by controller 115 to generate a program datastream (the 65 85 for display or output, for example. Alternatively, the 

CPSI stream) suitable for storage 00 medium 105 and to bill program datastreams may be stored on other parallel storage 

a user for the storage terminates at step 258. devices (not shown in FIG. 1 to simplify the drawing). 
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Id step 505 of FIG. 4, foUowiag the start at step 500, user 
generated data (SR, SM) is input to controller 115 of system 
25 (FIG. 1) identifying the programs (SR) to be recovered 
and the storage device (SM) from which the programs arc to 
be recovered. The user selection data is input to controller 
115 via interface 120 following on-screen menu selection 
with remote control unit 125. It is assumed for exemplary 
purposes that the user selects programs to be recovered from 
storage device 90 (FIG. 1). 

Controller 115, in step 510, initiates recovery of the 
selected program datastreams by device 90 from mediiun 
105 by command via I/O port 100 using the standardized 
CEBus control protocol as previously discussed. Device 90 
decodes the error encoded data retrieved from medium 105 
to recover the corresponding data originally provided to 
device 90 for storage. Device 90 may be a DVHS™ Unear 
type storage unit or another type of storage unit such as a 
solid state RAM or nonlinear type DVD or CDROM type 
device. The recovered decoded datastreams are transferred, 
in step 510, by device 90 to interface 95. This data transfer 
is controlled and synchronized by controller 115 via the 
standard CEBus. Interface 95, buffers the data received from 
unit 90 to adjust the time intervals between data packets to 
provide a buffered data output that is MPEG compatible and 
complies with MPEG bit rate constraints. 

In step 515, controller 115 directs the buffered output 
from interface 95 (the playback datastream) via mux 37 to 
PID selection imits 45 and 47 using path select signal C. In 
step 515, controller 115 determines whether single copy or 
unlimited copy Limitations that were encoded in the desig- 
nated copy protection data in steps 244 and 254 (FIG. 3), are 
being exceeded by the recovered program. Subject to recov- 
ery being permitted, controller 115, in step 515 (FIG. 4), 
recovers the playback encryption code that was generated in 
step 227 (FIG. 2) from the CAT for the selected programs 
(SR) and provides the code to smart card unit 130 in the 
manner previously described in connection with step 215 
(FIG. 2). Under control of controller 115, smart card 130, in 
step 515 (FIG. 4), applies the playback algorithm to generate 
the original broadcast encryption keys from the playback 
encryption code. The broadcast encryption keys are pro- 
vided to the PID, destination and encryption key look-up 
tables in units 45 and 47 by controller 115 in step 515. 

In step 520, units 45 and 47 and the remaining units of 
system 25 process the playback datastream either for storage 
via mux 110 or for application use via interface 70. Both the 
playback datastream from unit 95 and the transmitted datas- 
tream from selector 35, following selection via mux 37, are 
processed by system 25 in a similar maimer. Both these 
datastreams are processed in the way previously described 
for the transmitted datastream except for the encryption key 
generation steps and for the CPSI processing steps. In 
playback mode, smart card 130 applies a playback encryp- 
tion key generation algorithm instead of a broadcast key 
generation algorithm. Smart card unit 130 applies the play- 
back algorithm function to decrypt the encryption codes 
previously encoded with the playback encoding algprithm in 
step 227 of FIG. 2. Thereby, unit 130 derives the original 
broadcast encryption keys for the program selected for 
playback (SR). The broadcast encryption keys are used by 
DES decryption unit 50 to decrypt the encrypted program 
content packets in subsequent step 520 (FIG. 4) in the 
manner previously described for the trananitted datastream. 
However, the playback datastream selected via mux 37 
already incorporates the CPSI. Therefore, in the playback 
mode, controller 115 in step 520, does not perform the steps 
related to CPSI formation described in connection with 
FIGS. 2-3. 
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In the exemplary playback mode shown in FIG. 4, system 
25 in step 520, transport decodes the playback datastream to 
provide decoded data to application decoders 80 and 85, for 
display. In this mode, system 25 applies the latest complete 

5 CPSI data contained in the playback datastream, in accor- 
dance with the MPEG standard, to provide a transport 
decoded datastream representing selected program SR. 

The CPSI is applied in tran^ort decoding the playback 
datastream using PID filters 45 and 47, decryptor 50, 

jQ decoder 55, buffer 60 and control unit 65 in a manner similar 
to that previously described in connection with FIG. 1. The 
transport decoded datastream, excluding the CPSI, is 
provided, via interface 70, to application decoders 80 and 85 
for MPEG decoding and image reproduction. In other 

J J modes, system 25 provides the playback datastream incor- 
porating the CPSI to other application devices such as to 
high speed data port 75, for example. The CPSI is then 
available to be applied in transport decoding the playback 
datastream, as necessary, by these application devices or 
subsequent devices. If the playback datastream is to be 
stored to a second storage device other than device 90, for 
example, mux 110 provides the datastream, incorporating 
the CPSI, to the second storage device via a second storage 
interface. Further, the second storage device and interface 

2j (neither are shown in FIG. 1) mimic the operation and 
function of units 90 and 95 respectively. The data from 
interface 70, MPEG decoded by application decoders 80 and 
85, is presented via audio and image reproduction devices in 
units 80 and 85 respectively. 

3Q Id step 527 (FIG. 4), the conditional access system within 
system 25 bills the User for the program playback. The User 
is billed within the insertable smart card itself by storage of 
billing information upon the application of the playback 
algorithm. The billing information indicates that the User 

35 has recovered an encrypted broadcast program. This billing 
information is later accessed via telephone link by the 
service provider and used to bill the User via a conventional 
billing process. Other billing mechanians, as previously 
described, may equally be used. The playback process of 

4Q FIG. 4 terminates at step 530. 

The architecture of FIG. 1 is not exclusive. Other archi- 
tectures may be derived in accordance with the principles of 
the invention to accomplish the same objectives. Further, the 
functions of the elements of the FIG. 1 architecture and the 

45 process steps of FIGS. 2-4 may be implemented in whole or 
in part within the programmed instructions of a micropro- 
cessor In addition, the principles of the invention apply to 
any system using an MPEG or non-MPEG compatible 
electronic program guide for conveying any of the informa- 

50 tion described herein as being conveyed in MPEG PSI 
tables. The invention principles are not restricted to program 
guides or PSI conveyed in MPEG compatible PSI tables. 
What is claimed is: 

1. A conditional access processor for processing a digital 
55 datastream containing encrypted program data and an 
encryption code, comprising: 

first algorithm means for decrypting said encryption code 

to provide an encryption key; and 
second algorithm means for encrypting said encryption 
60 key, wherein 

said second encryption algorithm is different from said 
first encryption algorithm wherein 
said conditional access system resides within a host 
device; 

65 said first and second algorithms are contained in an 

electronic device employed within said condi- 
tional access system; and 
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said electrooic device is insertable into said host 
device. 

2. A method of decrypting a program representative 
datastream containing encrypt&d program data and an asso- 
ciated encryption code, using an encryption key recovery 
algorithm stored in an electronic device insertable into a host 
device, comprising the playback mode steps of: 

selecting between a first and a second algorithm to obtain 

said encryption key recovery algorithm; 
employing said encryption key recovery algorithm to 

decrypt said encryption code to recover a broadcast 

encryption key; and 
using said encryption key to decrypt said encrypted 

program data to recover said program. 

3. In a video decoder for receiving and processing digital 
video data for storage in encrypted form, a system for 
processing digital video data containing broadcast encrypted 
program data and an encryption code, comprising: 

a conditional access processor including, 

first algorithm means for decrypting said encryption 
code to provide an encryption key for use in decrypt- 
ing said broadcast encrypted program data; and 

second algorithm means for encrypting said encryption 
key to provide an encrypted playback key for use in 
decrypting encrypted program data recovered from a 
storage medium; and 

third algorithm means for decrypting encrypted pro- 
gram data using one of, 

a) said encryption key, and 

b) said playback key; and 

means for formatting encrypted program data together 
with an associated encrypted playback key to be suit- 
able for storage on a storage medium, wherein 
said first algorithm is different from said second algo- 
rithm and may be updated at a different rate and 
independently of said second algorithm. 

4. A system according to claim 3, wherein 

said second algorithm means includes means for decrypt- 
ing an encrypted playback key recovered from a stor- 
age medium to provide said playback key. 

5. A system according to claim 3, wherein 

said first algorithm is updated more frequently than said 
second algorithm. 

6. A system according to claim 3, wherein 

said conditional access processor selects one of, a) said 
encryption key, and b) said playback key for use by said 
third algorithm. 

7. In a video decoder for receiving and processing digital 
video data for storage in encrypted form, a method for 
processing digital video data containing broadcast encrypted 
program data and an encryption code, comprising the steps 
of: 

decrypting said encryption code using a first algorithm 
to provide an encryption key for use in decrypting 
said broadcast encrypted program data; 

encrypting said encryption key using a second algo- 
rithm to provide an encrypted playback key for use 
in decrypting encrypted program data recovered 
from a storage medium; , 

decrypting encrypted program data with a third algo- 
rithm using one of, 

a) said encryption key, and 

b) said playback key; and 

formatting encrypted program data together with an asso- 
ciated encrypted playback key to be suitable for storage 
00 a storage medium, wherein 



said first algorithm is different from said second 
algorithm and may be updated at a different rate 
and independently of said second algorithm. 

8. A method according to claim 7, wherein said formatting 
5 step provides a datastream that is MPEG compatible. 

9. A method according to claim 7, including the step of 
updating said first algorithm more frequently than said 

second algorithm. 

10. A method according to claim 8, wherein in said 
10 formatting step 

said encrypted playback key is included in Program 
Specific Information (PSI). 

11. A method according to claim 10, wherein 

said encrypted playback key is included in a program map 
table (PMT) in said PSI. 

12. A method according to claim 10, wherein 

said encrypted playback key is included in a conditional 
access table (CAT) in said PSI. 
20 13. A method, according to claim 7, fiirther including the 
step of 

storing a datastream produced in said formatting step on 
a storage medium. 

14. A method according to claim 7, further including the 
25 step of 

initiating billing in response to application of said second 
algorithm. 

15. In a video decoder, a method for adaptively decoding 
broadcast encrypted digital video data and encrypted digital 

30 video data retrieved from a storage medium, comprising the 
steps of: 

receiving broadcast encrypted program data and an asso- 
ciated broadcast encryption code; 
receiving encrypted program data and an associated 

encrypted playback key retrieved from storage; 
decrypting said broadcast encryption code using a first 
algorithm to provide an encryption key for use in 
decrypting said broadcast encrypted program data; 
40 decrypting said encrypted playback key retrieved from 
storage using a second algorithm to provide a playbadc 
key for use in decrypting said encrypted program data 
retrieved from storage; and 
using a third algorithm in decrypting one of, 
*5 a) broadcast encrypted program data with said encryp- 
tion key, and 

b) encrypted program data retrieved from storage with 
said playback key; wherein 

said first algorithm is different from said second 
^0 algorithm and may be updated at a different rate 

and independently of said second algorithm. 

16. A method according to claim 15, wherein 

said first and second algorithms are applied within a smart 
card. 

17. A method according to claim 15, including the step of 
updating said first algorithm more frequently than said 

second algorithm. 

18. A method according to claim 15, including the step of 
deriving said encryption code from received Program 

Specific Information (PSI). 

19. A method according to claim 18, wherein 
including the step of 

deriving said encryption code from a program map 
65 table (PMT) in said received PSI. 

20. A method according to claim 18, wherein 
including the step of 
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deriving said encryption code is from a conditional 
access tabic (CAT) in said received PSI. 

21. A method according to claim 15, further including the 
step of 

initialing billing for playback of said datastream in 5 
response to application of said second algorithm. 

22. A storage medium having recorded thereon encrypted 
program data in a data format including: 

program data encrypted using a fiist encryption algorithm; 
and 10 

an encrypted playback key obtained by encrypting an 
encryption key associated with said encrypted program 
data using a second encryption algorithm, said play- 
back key being suitable for use in decrypting said 
encrypted program data upon recovering said program 
data from said storage medium, wherein 

said first encryption algorithm and said second encryption 
algorithm are different and said first encryption algo- 
rithm may be updated at a different rate and indepen- 
dently of said second algorithm. 

23. A storage medium according to claim 22, wherein 2° 
said encrypted playback key is inchided in Program 

Specific Information (PSI) in said program data. 

24. An insertable electronic smart card for use in a video 
decoder conditional access system for processing broadcast 
encrypted video data received from a broadcast source and 25 
encrypted video data received from local storage, compris- 
ing: 



18 

first algorithm means for decrypting an encryption code 
received from a broadcast source to provide an encryp- 
tion key for use in decrypting said broadcast encrypted 
video data; and 

playback algorithm means for, 

a) encrypting an encryption key to provide an 
encrypted playback key for storage with encrypted 
video data, and 

b) decrypting said encrypted playback key to provide a 
playback key for use in decrypting said encrypted 
video data received from local storage wherein 
said first algorithm is different from said playback 

algorithm and may be updated at a different rate 
and independently of said playback algorithm. 
25. A smart card according to claim 24, further including, 

second algorithm means for decrypting an encryption 
code received from a broadcast source to provide an 
encryption key for use in decrypting said broadcast 
encrypted video data, wherein 

said smart card allows selection between said first and 
said second algorithms. 

* * * * 4 
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